Theft Protection

Means to Protect the Data

Encryption: the Linux Kernel offers different options.
This
Encrypted dual boot single hard drive system HOWTO,
explains how to secure your system using nothing but Free Software.
It was primarily written for people with a dual boot laptop, describing
free tools to encrypt Microsoft Windows as well as Linux partitions.

User passwords: can be easily bypassed if the intruder gets physical
access to your machine.

Hard Disk Passwords:

BIOS passwords: are easily crackable at least with older laptop models.
Some manufacturers have now a second boot password (IBM).

If you use a BIOS password/boot loader security, ADVERTISE IT! Paste a
sticker (or tape a piece of paper) on the top of your laptop, saying
something like:

WARNING
This laptop is password protected. The password can only be removed
by an authorized [manufacturer's name] technician presented with
proof of ownership. So don't even think of stealing it, because
it won't do you any good.

Before you buy a second hand machine, check whether the machine seems to
be stolen. I have provided a survey of
databases for stolen laptops.

Means to Protect the Hardware

Laptop lock: Almost all (if not all) of the new laptops come with a slot
for the lock, and if yours doesn't have one, most locks come with a kit
to add a slot. One of Targus' Defcon locks even has a motion sensor,
so you don't have to lock it up to a secure place, if you don't have
one around.

The only drawback that I can think of is that it takes a couple extra
seconds to set up or pack up your laptop. It takes about 30 seconds to
snap into place and makes it impossible to quickly walk away with the
laptop. It won't stop a determined thief with the time to unscrew the
legs of the desk or one that wanders around with a substantial pair of
wire cutters in hand, but I feel pretty secure leaving the laptop on my
desk while I go to meetings or lunch.

Well known manufacturers of dedicated laptop locks are
Kensignton
and TARGUS.

Name plates: to reduce the possibility of theft, you may want to have a
nameplate (name, phone, e-mail, address) made and affixed to the cover
of the laptop. A nice one will cost you about $12, and can be made by
any good trophy shop. They'll glue it on for you too. You could use
double-sided tape instead, but glue is more permanent. So it's easy to
return, but will look beaten and abused if these are removed. You may
even make an engravement into the laptop cover (inside). And even better
into every removable part (hard disk, battery, CD/DVD drive, power
unit). If this machine ever gets to a repair office, I might get the
machine back. Make sure you remember to update the plates if you move.

If you don't mind marking up a piece of equipment worth several thousand
dollars, make sure your laptop has some distinguishing feature that is
easily recognizable, e.g. a bunch of stickers pasted on it. Not only
does it make your laptop easier to recognize, my guess is that people
would be less likely to steal it.

It might even be useful to have a sticker that clearly says “Does
Not Run Windows”. This is at least an argument for having your
bootloader stop at the bootloader prompt, rather than mosey onwards into
a colorful XDM login.

Link xlock to apm services. What
about setting a system such as when the laptop is unused for a while,
instead of using normal apm service and suspend the machine, makes it
run an xlock, disable the apm services in a way such that they do not
suspend the machine automatically and start a 'laptop-protection
daemon'. When the xlock disappears, the daemon is stopped and the apm
services are restarted (so you might use the apm services yourself).

In the case somebody unplugs the machine while under the xlock (without
giving the password), then the daemon would detect it and could start
doing some preventive action, such as:
- playing a sound with maximum volume saying "I am getting stolen".
- this daemon could also register to a fixed local server and do a ping
every now and then. If the ping stops before the daemon unregister to
the server, then server then can take other actions, such as sending
SMS message, starting a video camera, in the room, etc. The apm
services down would make the stealer unable to use the hot keys to
suspend/stop the machine, isn't it?

You can change the “pollution preventer” logo at startup on
AWARD BIOSES. See instructions from
Sven Geggus.
For IBM ThinkPads there is a dedicated DOS utility for burning
your bizcard data into the BIOS boot screen.

Boot loader: a boot loader may be used to put your name and phone number
(or whatever text you choose) into the boot sequence before the
operating system is loaded. This provides a label that can't be removed
by editing files or even doing a simple format of the harddisk. Some
boot loaders (e.g. LILO) offer a password option, which is highly
recommend (note without it's very easy to get root access).

Camouflage: if you carry a dedicated laptop bag, this can be spotted by
a thief easily. So think about getting another kind of bag.

Serial Number: note the serial number in a secure place. This will be
necessary if your laptop gets stolen.

Use of software that connects and identifies itself: As far as I know
there was an old DOS utility that did something like this. It embedded
itself into the bootsector and upon a certain keycombination it would throw a
serial number onto the screen and play an audio code through the speaker
(in case th monitor was no longer usable for whatever reason). You were
supposed to register the serial number with the company that produced
the utility.

The laptop can send a mail with its real IP address if connected (mail
with a print of ifconfig started by
/etc/ppp/ip-up or by a cron job
(if connected at a company-network).

Always remove the external devices and secure them in another
place/room. Set the BIOS to boot on the hard disk first as a default
setting and remove boot on other devices if possible. Also try to plug
the power supply in the least accessible plug. So if your machine get
stolen in your office the 'quick way' (e.g. during a 5 sec. cigarette
break), the stealer won't perhaps have time to get the power supply,
neither the time to get the drives. Perhaps he/she will end up with a
less useful laptop and you may recover it.

Electronic Devices (Transponders): There are also devices available,
which can be detected remote via satellites, see my page
about stolen laptops for a survey.

The Day After

Your primary goal is to prevent your laptop from being stolen in the
first place. Your secondary goal is to recover it after it is stolen.
Report it to the police station ASAP. Check the local newsgroup (in
case...) or even post in it.

Resources

The chapter about theft protection has taken some advantages of ideas
of Lionel "Trollhunter" Bouchpan-Lerust-Juery and a discussion, which has
taken place in the
debian-laptop
mailing list in January 2001.